Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security 
Advisory - SOS-12-008
 
影响产品     Elcom CMS - Community Manager
开发语言               ASP.NET
影响版本.         Elcom Community Manager version 7.4.10 and 
问题发现者         Remote with authentication
解决状态     7.5及更新版本已解决(not verified by 
SOS)
技术分析.
The https://www.2cto.com UploadStyleSheet.aspx script does not validate the file 
type passed in the parameter "myfile0" on the server side allowing the 
uploading and execution of ASPX files. An attacker can upload an ASPX web 
shell and execute commands with web server user privileges.
 
测试证明 (port scanning).
A shell uploaded using the vulnerable 
(https://www.2cto.com /UploadStyleSheet.aspx) script can be accessed at the 
following location: https://[server]/UserUploadedStyles/shell.aspx
 
解决方案
升级